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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timety filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even If timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

Responsive to communication(s) filed on 10 November 2003 . 
2a)n This action is FINAL. 2b)IEI This action is non-final. 

3) 0 Since this application is in condition for allowance except for fomial matters, prosecution as to the nnerits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) 13 Claim(s) 1-42 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) 13 Claim(s) 1-42 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10) 0 The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) n The oath or declaration is objected to by the Examiner. Note the attached Office Action or fomn PTO-152. 
Priority under 35 U.S.C. §§119 and 120 

12) n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)nAII b)n Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet, 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1.78. 
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DETAILED ACTION 

1. Claims 1-42 examined. 

2. It is hereby acknowledged that the following papers have been received and placed of 
record in the file: Amendment B on 1 1/10/2003. 

3. The rejections under 35 U.S.C. 1 12 have been withdrawn in light of applicant's 
amendments. 

Response to Arguments 

4. Applicant's arguments, see page 1 1 and following of Amendment B, filed 1 1/10/2003, 
with respect to the rejection(s)of claim(s) 1-42 under 35 U.S.C. 102 have been fully considered 
and are persuasive. Therefore, the rejection has been withdrawn. However, upon further 
consideration, a new ground(s) of rejection is made below. 

Claim Rejections - 35 USC §103 

5. The following is a quotation of 35 U.S.C, 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1-42 rejected under 35 U.S.C. 103(a) as being unpatentable over "Planning and 
Deploying a Single Sign-On Solution" by Netscape Communications Corporation, 1997 (herein 
referred to as Netscape) in view of Chu et al., U.S. Patent Number 6,016,508 (herein referred to 
as Chu). 

7. Referring to claim 1, Netscape has taught a method for global sign-on (GSO) comprising 
the steps of: 
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a. receiving a user login (Netscape page 4 "Basic Authentication" steps 1 and 2); 

b. determining an existence of a first directory entry corresponding to said user in 
response to a first Lightweight Directory Access Protocol (LDAP) message (Netscape 
pages 3-4""Basic Authentication" step 4 where the first directory entry corresponds to the 
usemame); and 

c. logging said user into one or more data processing services in response to one or 
more corresponding second directory entries, and wherein each of said first and second 
directory entries represents a data structure in accordance with a corresponding first and 
second predetermined LDAP schema object (Netscape pages 5-6 "Strong Authentication" 
numbers 5 and 6; page 8, "LDAP Tree Hierarchy and Entry Attributes", 2"** paragraph; 
and pages 15-16, "Mapping DNs to an LDAP entry" and "Planning Access Control" 
where the second directory entry corresponds to the passwords(s)). 

8. Netscape has not expressly taught a "second" directory entry, but has taught a 
multiplicity of entries in the LDAP directory. As seen above in paragraph 7, the first and second 
directory entries are understood to be the usemame and password(s) and together they do indeed 
form a data structure (Netscape pages 5-6 "Strong Authentication" numbers 5 and 6), 

9. Additionally, Netscape does not discuss a LDAP Protocol message as that which initiates 
the directory entry lookup. However, Chu discusses utilizing a LDAP Protocol message to 
initiate the directory entry lookup (Chu column 13, line 50 - column 14, line 2). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to utilize 
LDAP's native messaging system to initiate the aforementioned directory entry lookup. One of 
ordinary skill in the art would have been motivated to do this since the directory entries already 
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exist within the LDAP directory (also see Netscape pages 15-16, "Mapping DNs to an LDAP 
entry" and "Planning Access Control"). 

10. Referring to claim 2, Netscape has taught the method wherein each of said corresponding 
second predetermined LDAP schema objects has one or more predetermined attributes, each of 
said one or more attributes having a set of one or more values, and wherein a first one of said one 
or more attributes is operable for initiating a corresponding one of said data processing services 
(Netscape pages 5-6 "Strong Authentication" numbers 5 and 6; page 8, "LDAP Tree Hierarchy 
and Entry Attributes", 2"*^ paragraph; and pages 15-16, "Mapping DNs to an LDAP entry" and 
"Planning Access Control"). 

1 1 . Referring to claim 3, Netscape has taught the method wherein said step of logging said 
user into one or more data processing systems is in response to first one of said one or more 
attributes having a first predetermined data value (Netscape pages 5-6 "Strong Authentication" 
numbers 5 and 6). 

12. Referring to claim 4, Netscape has taught the method wherein said step of logging said 
user into said one or more data processing services comprises the steps of for each data 
processing service, reading a user identifier (UID) and a password fi-om a corresponding one of 
said second directory entries; and logging in said user using said UK) and said password 
(Netscape pages 3-6 "Client Authentication and Single Sign-On"). 

13. Referring to claim 5, Netscape has taught the method further comprising the step of 
starting said one or more data processing services in response to one or more third directory 
entries, each of said third directory entries representing a data structure in accordance with a 
corresponding third predetermined schema object (Netscape pages 3-6 "Client Authentication 
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and Single Sign-On" where the definition of starting is well known to be the same as the 
definition of initiating (See Webster's Dictionary, 10^^ ed.); page 8, "LDAP Tree Hierarchy and 
Entry Attributes", 2"^ paragraph; and pages 15-16, "Mapping DNs to an LDAP entry" and 
"Planning Access Control"). 

14. Referring to claim 6, Netscape has taught the method further comprising the step of 
invoking an initialization routine corresponding to each of said data processing services, wherein 
each of said corresponding third predetermined LDAP schema objects includes a set of one or 
more attributes, and wherein said initialization routine is determined in response to a value of a 
first attribute of said set of one or more attributes (Netscape pages 3-6 "Client Authentication 
and Single Sign-On" where starting is the same as initiating; page 8, "LDAP Tree Hierarchy and 
Entry Attributes", 2"^ paragraph; and pages 15-16, "Mapping DNs to an LDAP entry" and 
"Planning Access Control"). 

15. Referring to claim 7, Netscape has taught the method wherein said step of logging said 
user into one or more data processing services includes the step of determining if a first one of 
said data processing services requires a prerequisite service (Netscape pages 3-6 "Client 
Authentication and Single Sign-On" where inherently every task or service that is required to 
perform prior to the desired task or service must execute before the desired task or service.). 

16. Referring to claim 8, Netscape has taught the method wherein each of said corresponding 
second predetermined LDAP schema objects has one or more predetermined attributes, each of 
said one or more attributes having a set of one or more values, and wherein determining if said 
first one of said data processing services requires a prerequisite service is in response to a 
preselected value of a first one of said one or more attributes (Netscape pages 3-6 "Client 
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Authentication and Single Sign-On"; page 8, "LDAP Tree Hierarchy and Entry Attributes", 2"*^ 
paragraph; and pages 15-16, "Mapping DNs to an LDAP entry" and "Planning Access Control" 
where inherently every task or service that is required to perform prior to the desired task or 
service must execute before the desired task or service.). 

1 7. Referring to claim 9, Netscape has taught the method wherein said step of logging said 
user into one or more data processing services includes the step of determining if a first one of 
said data processing services takes an identifier value (Netscape pages 3-6 "Client 
Authentication and Single Sign-On" specifically figure 2, step 4 and figure 3, step 6). 

1 8 . Referring to claim 1 0, Netscape has taught the method wherein determining if a first one 
of said data processing services takes an identifier value is in response to a fourth directory entry, 
said fourth directory entry representing a data structure in accordance with a corresponding 
fourth predetermined LDAP schema object (Netscape pages 3-6 "Client Authentication and 
Single Sign-On" specifically figure 2, step 4 and figure 3, step 6; page 8, "LDAP Tree Hierarchy 
and Entry Attributes", 2"^ paragraph; and pages 15-16, "Mapping DNs to an LDAP entry" and 
"Planning Access Control"). 

19. Referring to claim 1 1, Netscape has taught the method wherein said fourth predetermined 
LDAP schema object has one or more predetermined attributes, each of said one or more 
attributes having a set of one or more values, and wherein determining if said first one of said 
data processing services takes an identifier value is in response to a preselected value of a first 
one of said one or more attributes (Netscape pages 3-6 "Client Authentication and Single Sign- 
On" specifically figure 2, step 4 and figure 3, step 6; page 8, "LDAP Tree Hierarchy and Entry 
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Attributes", 2"^ paragraph; and pages 15-16, "Mapping DNs to an LDAP entry" and "Planning 
Access Control"). 

20. Referring to claim 12, Netscape has taught the method further comprising the step of 
invoking an initialization routine corresponding to said first data processing service in response 
to an attribute value in a third directory entry corresponding to said first data processing service, 
said third directory entry representing a data structure in accordance with a corresponding third 
predetermined LDAP schema object, said initialization routine being determined in response to 
said attribute value, and v^herein said identifier value is passed to said initialization routine 
(Netscape pages 3-6 "Client Authentication and Single Sign-On" specifically figure 2, step 4 and 
figure 3, step 6; page 8, "LDAP Tree Hierarchy and Entry Attributes", 2"*^ paragraph; and pages 
15-16, "Mapping DNs to an LDAP entry" and "Planning Access Control"). 

21. Referring to claims 13 and 14, Netscape has taught the method wherein said identifier 
value is a required or optional identifier value (Netscape pages 3-6 "Client Authentication and 
Single Sign-On" specifically figure 2, step 4 and figure 3, step 6 where every identifier value - 
or piece of required information - is inherently either required or optional). 

22. Claims 15-28 do not recite limitations above the claimed invention set forth in claims 1- 
14 and are therefore rejected for the same reasons set forth in the rejection of claims 1-14 above. 

23. Claims 29-42 do not recite limitations above the claimed invention set forth in claims 1- 
14 and are therefore rejected for the same reasons set forth in the rejection of claims 1-14 above. 
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Conclusion 

24. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 
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Novell, Inc.; "Novell Single Sign-on Makes Easy Network Access a Reality"; Press 
Release; Provo, Utah; July 21, 1999. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Scott M. Collins whose telephone number is 703.305.7865. The 
examiner can normally be reached on Mon.-Fri. 8:00 am - 5:30 pm with alt. Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A Wiley can be reached on 703.308.5221 . The fax phone number for the 
organization where this application or proceeding is assigned is 703.746.7239. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703.305.3900. 
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